providers/oauth2: fix error when no login event could be found

2021-02-27 16:02:07 +01:00 · 2021-02-27 16:02:07 +01:00 · b862bf4284
parent de22a367b1
commit b862bf4284
1 changed files with 8 additions and 3 deletions
--- a/authentik/providers/oauth2/models.py
+++ b/authentik/providers/oauth2/models.py
@ -4,6 +4,7 @@ import binascii
 import json
 import time
 from dataclasses import asdict, dataclass, field
+from datetime import datetime
 from hashlib import sha256
 from typing import Any, Dict, List, Optional, Type
 from urllib.parse import urlparse
@ -480,10 +481,14 @@ class RefreshToken(ExpiringModel, BaseGrantModel):
            now + timedelta_from_string(self.provider.token_validity).seconds
        )
        # We use the timestamp of the user's last successful login (EventAction.LOGIN) for auth_time
-        auth_event = Event.objects.filter(
+        auth_events = Event.objects.filter(
            action=EventAction.LOGIN, user=get_user(user)
-        ).latest("created")
-        auth_time = int(dateformat.format(auth_event.created, "U"))
+        ).order_by("-created")
+        # Fallback in case we can't find any login events
+        auth_time = datetime.now()
+        if auth_events.exists():
+            auth_time = auth_events.first().created
+        auth_time = int(dateformat.format(auth_time, "U"))

        token = IDToken(
            iss=self.provider.get_issuer(request),